Page 14 of 5053 results (0.147 seconds)

CVSS: 5.2EPSS: 0%CPEs: 5EXPL: 1

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file used to install GlobalProtect. Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability. • https://security.paloaltonetworks.com/CVE-2024-9473 https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-palo-alto-networks-globalprotect • CWE-250: Execution with Unnecessary Privileges •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

This could lead to local escalation of privilege with System execution privileges needed. • https://www.unisoc.com/en_us/secy/announcementDetail/1843898270204624897 •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation. • https://forums.ivanti.com/s/article/Security-Advisory-Velocity-License-Server-CVE-2024-9167 • CWE-276: Incorrect Default Permissions •